Dieter Maurer wrote:
> A user that does not log in, i.e. a user you know nothing of,
> gets the "Anonymous" role automatically (at least with "acl_users").
> A logged in user may not get the "Anonymous" role.
> This does not provide additional security, because this
> user may simply shut down his browser and access the page again
> as anonymous user.
> On the other hand, it may result in surprises: suddenly (after
> a log on) I can no longer do things that I was able to do
> before the log on.
> I think, this should be changed.

I agree, and I've said so, many times before ;-)


Zope maillist  -  [EMAIL PROTECTED]
**   No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to